Enterprise software developers continue to use flawed code in apps

Companies that develop enterprise applications download over 200,000 open-source components on average every year and one in every 16 of those components has security vulnerabilities.

This is indicative of the poor state of the software supply chain, a problem that’s only getting worse with the increased reliance on third-party code combined with bad software inventory practices.

According to software development lifecycle firm Sonatype, third-party components account for 80 percent to 90 percent of the code found in a typical enterprise application today.

The number of downloads from the largest largest public repository of open-source Java components reached 31 billion last year, a 82 percent increase over 2014, the company found.

To read this article in full or to leave a comment, please click here